I have 2 network interfaces on my instance (eth0 and eth1) I am trying to setup HAProxy to be interface aware and have separate frontends per interface.
The config below works as root (ie. i do not set user haproxy
portion). Wondering if there is a way to bind to interfaces and still run as non root user?
https://cbonte.github.io/haproxy-dconv/1.6/management.html#13 suggests that root privileges are required only for outbound interface awareness – is the documentation partial or am i missing some setting?
Config snippet
global
#Works only without below line but its implication is running as root user
user haproxy
frontend frontend_tcp_eth1
mode tcp
bind 0.0.0.0:80 interface eth1
Best Answer
You try to bind to port 80
This is a privileged port
https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html
To bind to this port you will need root privileges as described in the documentation.
https://cbonte.github.io/haproxy-dconv/1.6/management.html#13